Domino’s India’s official website — dominos.co.in was hacked by Turkish hackers that call themselves, Turkish Ajan Hacker Group, according to a report by cybernewsinfo.The hackers have reportedly leaked 37,000 login details of Dominos India customers including their usernames, plain text passwords, email addresses, telephone numbers, state name and IDs. Note that MediaNama is unable to verify this, independently, and there’s been no communication by Dominos India on the said leak.
Apart from customer details, the leak also contains details from the Dominos India website which might allow administrator access to other domains on the site.
The hacker first posted about the hack on Turkish forum — Turkishajan.com where they posted that they have uploaded all the account details on Pastebin.com. However, at the time of writing this post, the data uploaded seems to have been pulled down. Domino’s Pizza, Inc., an international pizza delivery corporation headquartered in Michigan, United States, runs its Indian operation through its master franchise, Jubilant FoodWorks.
According to a report by Business Standard, the Turkish hacker used SQL injection method and remote file inclusion for stealing the private data. These days the risk of SQL injection is on rise due to the advent of automated tools. Previously, hackers had to inject SQL codes manually to hack into databases.
Source